Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    25s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    01/12/2022, 04:25

General

  • Target

    62808ccc428f37e3edf8473d40a13209e02c28aab117231a5ff8a99d52b8824a.exe

  • Size

    320KB

  • MD5

    17cb2ee2905dc78ee66471ea18cba4c0

  • SHA1

    f36b39552d37b22dbd79840c3c4d795fe2124244

  • SHA256

    62808ccc428f37e3edf8473d40a13209e02c28aab117231a5ff8a99d52b8824a

  • SHA512

    94e3a90e5bcef2be41f4e0b07ddcdf6dd34b922a538d1040d1938a7bee35f9d3aeb1783224a725d6383b7c89253b863c320e1c2a5d88155be020fcced282666f

  • SSDEEP

    6144:dCE06UWVEudvlEvS7/jUq6JkZWspn7SMWJyJz4vz2trz:dCLurwS7776JkV7SMWJk4vze

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\62808ccc428f37e3edf8473d40a13209e02c28aab117231a5ff8a99d52b8824a.exe
    "C:\Users\Admin\AppData\Local\Temp\62808ccc428f37e3edf8473d40a13209e02c28aab117231a5ff8a99d52b8824a.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1676

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1676-54-0x00000000764D1000-0x00000000764D3000-memory.dmp

    Filesize

    8KB